More on LinuxToday

SunWorld: Tapping on the walls - Learn to think like your attacker

"Paring down your network services isn't the only way to protect
your systems against attacks: port scanning can also be an
effective tool. In this month's Building Blocks of Security, Sandra
Henry-Stocker shows you how to stay one step ahead of your
enemy...."

"Minimizing services is just the beginning of adopting a
defensive posture, however. Numerous security experts suggest that
thinking like an attacker is the only way to prepare yourself to
defend your site. This month, we'll examine port scanning (sending
packets to systems and gaining insight from the responses) -- which
has been compared to tapping on walls to determine where beams are
located -- and look at what an intruder can determine about
services you're running...."

"True port scanning involves sending requests to all interesting
ports on a particular system or group of systems to determine which
services can be exploited. An interesting port is generally a
well-known one on which services are likely running. High-numbered
ports usually represent outgoing connections rather than system
services (e.g., the difference between a user running telnet and
the system's telnet daemon). However, scanning up to port 65536 is
not uncommon."